Cybersecurity author: Businesses must prepare for ransomware attacks

By George Slaughter, News Editor
Posted 2/3/22

A cybersecurity author said small business owners assume their companies are not subject to ransomware attacks. This miscalculation puts them at greater risk when those attacks do happen.

This item is available in full to subscribers.

Please log in to continue

Log in

Cybersecurity author: Businesses must prepare for ransomware attacks

Posted

A cybersecurity author said small business owners assume their companies are not subject to ransomware attacks. This miscalculation puts them at greater risk when those attacks do happen.

Charles Swihart, of Preactive IT Solutions, spoke at a Feb. 3 Katy Area Chamber of Commerce meeting at the Katy YMCA, 1350 Main St.

“Ransomware is a malicious software that encrypts your files," Swihart said. "It demands a ransom to get your files back and to not release them to threaten clients and vendors.”

Texas trails only California and New York in the number of ransomware attacks in business interruptions, Swihart said.

Swihart asked the audience to imagine themselves in a scenario.

“You get to work on Monday, and something seems off,” Swihart said. “A few people seem to be freaking out. You try to log in, and you cannot access your files and email. You step out to see if others are having the same problem.”

Continuing his description, Swihart said other people are having the same issues, The IT personnel are sweating.

“They have no idea how you got there,” Swihart said. “They’re frantically trying to deal with the situation. It’s an extremely stressful situation to be in. Your business is stopped in its tracks. It might be a few weeks to recover your files.”

Swihart uses this scenario to get people to think about how they can protect themselves. But he said IT security isn't only on management or the IT department. Employees must play a role in IT security. Otherwise, they could be out of a job if the business fails.

“Don’t think that since you’re not an owner or the it guy, it won’t affect you,” Swihart said.

For home networks, Swihart said it was wise to regularly back up one’s files. Storing those files on another drive, such as Microsoft OneDrive, is also helpful.

“Microsoft OneDrive is your friend,” Swihart said.

Swihart said a recent report claimed that 31% of ransomware attacks came from China. But most attacks, he said, come from countries such as Russia, Ukraine and Romania. He said the ransomware programmers are very professional in their work.

“They do this as a profession, and they’re very good at it,” Swihart said.

In some cases, opening a malicious email can unleash a ransomware attack. But he said every ransomware attack which he helped to address came from a lack of network security. He said management often assumes that the IT people were cybersecurity experts. Yet he said in most cases the IT people weren't even properly managing the antivirus software. The security software might not be updated, or it might be missing on some computers, Swihart said.

Among recent ransomware attacks that received public attention involved Colonial Pipeline. The attack forced the company to shut down its pipeline system to the eastern U.S. in 2021 and pay a $4.4 million ransom. Federal authorities got involved, and was able to recover $2.7 million of that amount, Swihart said.

“Colonial Pipeline has more than 800 employees,” Swihart said. “You’d assume a company that size had good practices. They didn’t.”

Swihart said management assumes all is well when employees can access files and print documents. But it isn’t so. Management fails to invest in computer security or keeping current on security issues. When the next ransomware attack happens, management doesn’t know how to respond.

Swihart said companies should develop and use checklists to prevent possible IT issues. Such checklists can promote safe practices and cut risk.

ransomware, IT, cybersecurity, Katy Area Chamber of Commerce